funsec mailing list archives

Re: JavaScript: A Tool, A Weapon


From: coderman <coderman () gmail com>
Date: Sat, 5 Jan 2008 00:36:34 -0800

On Jan 4, 2008 1:24 PM,  <Valdis.Kletnieks () vt edu> wrote:
...
I was whining about the Javascript sandbox being basically busticated...

the trick is to use a bigger sandbox.  virtual machines for browser
appliances with distinct sessions and address space is a good thing;
just heavyweight at the moment...

(i think this is the sort of model used in bitfrost for the OLPC)

i suppose you could also use a perfectly secure browser and only
perfectly secure sites without worry, however, i see that likely as
instantaneous heat death of the universe in the next 60 seconds...
until then, make sure that when your web client shits all over itself
and all open sessions and maybe even the os, you've got a leak
resistant vm diaper (or other method) to contain the refuse.

flushing is as simple as rebooting an iso/ramdisk browser appliance.  *grin*

best regards,


p.p.s. yes, i know vm's are not a panacea or silver bullet.   however,
vm's do isolate a number of problems with shared localhost, sessions
and browser context that is just asking for pwnies on the web2.0
largess of today's www.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

